Legal

Sub-processors

Last updated: April 23, 2026

A sub-processor is a third party that processes customer data on our behalf as part of delivering CeliaConnect. This page lists every sub-processor we currently use, what they do for us, and what data reaches them. We give at least thirty (30) days’ advance notice of any change, by email to the billing contact on file and by update to this page. Customers may object to a new sub-processor on reasonable data-protection grounds under our Data Processing Agreement.

Because of our no-PII architecture, none of our sub-processors ever see student names, email addresses, phone numbers, physical addresses, SSNs, dates of birth, financial account numbers, or other directly identifying information — even the ones that could technically receive such data in other deployments.

Cloudflare, Inc.

United States (with global edge locations)

In use

Purpose: Cloud infrastructure: Workers (edge compute), D1 (per-Organization databases), KV (secrets and config), R2 (cold storage and compliance archive), Pages (marketing and app hosting), Queues (async jobs), Analytics Engine (time-series), Durable Objects (coordination), Vectorize (embeddings), and cookieless Web Analytics.
Data categories: Anonymous Slate IDs, behavioral signals, tenant configuration, hash-chained audit logs, envelope-encrypted Slate service credentials, staff account metadata, and website analytics.
DPA in place: Yes — Cloudflare Enterprise DPA including SCCs where applicable.

Anthropic, PBC

United States

In use

Purpose: AI reasoning layer for CeliaConnect analyses (Engagement, Readiness, Yield, Risk, Recommendation).
Data categories: Anonymized Slate IDs and behavioral signals only. By architectural guarantee, no student names, emails, phone numbers, or other directly identifying information are ever transmitted. Runtime guardrails fail closed on any PII-shaped value.
DPA in place: Yes — Anthropic's standard DPA. Inputs are not used to train Anthropic's foundation models.

Stripe, Inc.

United States

In use

Purpose: Subscription billing, payment processing, invoicing, and Customer Portal.
Data categories: Institutional billing contact (name, work email, job title), payment method metadata (handled by Stripe, not stored in CeliaConnect), subscription and invoice records.
DPA in place: Yes — Stripe Atlas standard DPA, including Standard Contractual Clauses for EU/UK data.

Mailgun Technologies (Pathwire)

United States

In use

Purpose: Transactional email (account notifications, security alerts, billing receipts) and opt-in marketing email to institutional contacts.
Data categories: Institutional user email addresses, message subject and body content, delivery metadata. Never used to contact students.
DPA in place: Yes — Mailgun standard DPA including SCCs.

What CeliaConnect itself never processes

Because of our no-PII architecture, the following categories never reach any sub-processor regardless of the vendor’s capabilities: student names, email addresses, phone numbers, physical addresses, SSNs, dates of birth, health or disability information, financial account numbers, essay content, recommendation-letter text, photos, and biometrics. These stay inside your Slate instance.

Read the full architectural details →

Not a sub-processor: Apollo.io

For transparency: Zentrosoft uses Apollo.io as a sales-operations tool for our own outbound prospecting — contact research, enrichment, and email sequencing to institutions we wish to pursue as customers. Apollo never receives customer data, product telemetry, or Slate-derived signals. It is not a CeliaConnect sub-processor. If you have questions about a message you received, write to solutions@zentrosoft.com.

Notification of changes

Before we engage a new sub-processor that would process customer data, we post the addition on this page and email the billing contact on file at least thirty (30) days in advance. Customers may object on reasonable data-protection grounds under Section 9 of our DPA. To subscribe to a dedicated change-notification list, email solutions@zentrosoft.com.

Self-drafted on 2026-04-23 and subject to final legal counsel review before any customer signs. Not legal advice; for information only.